Study: Admins slow in patching Apache-SSL servers
About 75 percent of Web sites hosted on Apache-SSL servers are vulnerable, as the software has not been upgraded to fix a serious flaw uncovered in June, according to a survey by Web server information firm Netcraft Ltd. of Bath, England.
Administrators seem to have given priority to patching regular Apache installations, as about half of the 22 million Web sites that rely on Apache are protected through an Apache software upgrade, Netcraft said.
Apache-SSL is a combination of the Apache Web server and OpenSSL security software meant to offer secure Web site connections. Apache-SSL is used for electronic commerce Web sites, for example. Both Apache and OpenSSL are open-source products developed by volunteers.
[ Read more ]
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.